bennetrr · bennetrr · Jul 23, 2024 · Jul 22, 2024 · Jul 22, 2024 · Jul 23, 2024
diff --git a/README.md b/README.md
@@ -15,7 +15,7 @@ The frontend is configurable with the `env.js` file.
 | Name                  | Type     | Description                                                                              |
 |-----------------------|----------|------------------------------------------------------------------------------------------|
 | `apiBaseUrl`          | `string` | Base URL of the BrickInv API, e.g. `https://api.brickinv.com` or `http://localhost:5105` |
-| `clerkPublishableKey` | `string` | Publishable Key of the Clerk application                                                 |
+| `clerkPublishableKey` | `string` | Publishable key of the Clerk application                                                 |
 
 ### Backend
 
@@ -26,6 +26,8 @@ For development, the .NET user secret manager is recommended, for production a `
 |--------------------------------|-------------------------------|----------|--------------------------------------------------------------------------------------|
 | `AppConfig__RebrickableApiKey` | `AppConfig.RebrickableApiKey` | `string` | API key for Rebrickable, used for retrieving information about Lego sets             |
 | `AppConfig__AppBaseUrl`        | `AppConfig.AppBaseUrl`        | `string` | Base URL of the BrickInv App, e.g. `https://brickinv.com` or `http://localhost:5137` |
+| `Clerk__SecretKey`             | `Clerk.SecretKey`             | `string` | Secret key of the Clerk application                                                  |
+| `Clerk__Authority`             | `Clerk.Authority`             | `string` | Instance URL of the Clerk application                                                |
 
 ## Development
 

diff --git a/backend.env b/backend.env
@@ -1,10 +1,4 @@
-Email__SenderAddress=""
-Email__SenderName=""
-Email__Server=""
-Email__Port=""
-Email__Username=""
-Email__Password=""
-
 AppConfig__RebrickableApiKey=""
 AppConfig__AppBaseUrl=""
-AppConfig__ImprintUrl=""
+Clerk__SecretKey=""
+Clerk__Authority=""
diff --git a/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Controllers/PartController.cs b/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Controllers/PartController.cs
@@ -24,7 +24,7 @@ public partial class SetController
     [HttpGet("{setId}/parts")]
     public async Task<ActionResult<IEnumerable<PartDto>>> GetParts([FromRoute] string setId)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         await context.Sets
             .Where(x => x.Id == setId)
@@ -51,7 +51,7 @@ await context.Sets
     [HttpGet("{setId}/parts/{partId}")]
     public async Task<ActionResult<PartDto>> GetPart([FromRoute] string setId, [FromRoute] string partId)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var part = await context.Parts
             .Where(x => x.Id == partId)
@@ -81,7 +81,7 @@ public async Task<ActionResult<PartDto>> GetPart([FromRoute] string setId, [From
     public async Task<ActionResult<UpdatePartResponse>> UpdatePart([FromRoute] string setId, [FromRoute] string partId,
         [FromBody] UpdatePartRequest request)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var part = await context.Parts
             .Include(x => x.Set)

diff --git a/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Controllers/SetController.cs b/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Controllers/SetController.cs
@@ -24,7 +24,6 @@ namespace Bennetr.BrickInv.Api.Controllers;
 [Authorize]
 public partial class SetController(
     BrickInvContext context,
-    ClerkApiClient clerk,
     IRebrickableClient rebrickable,
     IOptions<AppOptions> options) : ControllerBase
 {
@@ -41,7 +40,7 @@ public partial class SetController(
     [HttpGet]
     public async Task<ActionResult<IEnumerable<SetDto>>> GetSets()
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var sets = await context.Sets
             .Where(x => x.OrganizationOrUserId == organizationOrUserId)
@@ -63,7 +62,7 @@ public async Task<ActionResult<IEnumerable<SetDto>>> GetSets()
     [HttpGet("{setId}")]
     public async Task<ActionResult<SetDto>> GetSet([FromRoute] string setId)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var set = await context.Sets
             .Where(x => x.Id == setId)
@@ -118,7 +117,7 @@ public async Task<ActionResult<SetDto>> CreateSet([FromBody] CreateSetRequest re
             throw;
         }
 
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var set = new Models.Set
         {
@@ -188,7 +187,7 @@ public async Task<ActionResult<SetDto>> CreateSet([FromBody] CreateSetRequest re
     [HttpDelete("{setId}")]
     public async Task<IActionResult> DeleteSet([FromRoute] string setId)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var set = await context.Sets
             .Where(x => x.Id == setId)
@@ -221,7 +220,7 @@ public async Task<IActionResult> DeleteSet([FromRoute] string setId)
     [HttpPatch("{setId}")]
     public async Task<ActionResult<SetDto>> UpdateSet([FromRoute] string setId, [FromBody] UpdateSetRequest request)
     {
-        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId();
+        var organizationOrUserId = await AuthorizationUtilities.GetOrganizationOrUserId(HttpContext);
 
         var set = await context.Sets
             .Where(x => x.Id == setId)

diff --git a/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Utilities/AuthorizationUtilities.cs b/src/backend/Bennetr.BrickInv.Api/Bennetr.BrickInv.Api/Utilities/AuthorizationUtilities.cs
@@ -3,16 +3,13 @@
 
 namespace Bennetr.BrickInv.Api.Utilities;
 
-public class AuthorizationUtilities
+public static class AuthorizationUtilities
 {
-    private static readonly HttpContext? HttpContext = new HttpContextAccessor().HttpContext;
     private static readonly JwtSecurityTokenHandler JwtHandler = new();
 
-    public static async Task<string> GetOrganizationOrUserId()
+    public static async Task<string> GetOrganizationOrUserId(HttpContext httpContext)
     {
-        if (HttpContext == null) throw new Exception("GetOrganizationOrUserId called outside of a HTTP context");
-
-        var token = await HttpContext.GetTokenAsync("Bearer", "access_token");
+        var token = await httpContext.GetTokenAsync("Bearer", "access_token");
         var jwt = JwtHandler.ReadJwtToken(token);
 
         try